Theory and Practice of Secure Systems

Reference

CS 395T - Theory and Practice of Secure Systems (56605)

Fall 2006

Software security
(see also references on Privacy, Voting and Other)

Design principles of secure systems

Reflections on Trusting Trust by Ken Thompson (Turing Award lecture)
Why Cryptosystems Fail by Anderson
Secure Programming for Linux and Unix HOWTO by Wheeler
Improving the Security of Your Site by Breaking Into It by Farmer and Venema
Prudent Engineering Practice for Cryptographic Protocols by Abadi and Needham

Buffer overflow and memory corruption exploits

Basic overflow attacks

Smashing The Stack for Fun and Profit by Aleph One
The Tao of Windows Buffer Overflow as taught by DilDog
Blended Attacks Exploits, Vulnerabilities and Buffer-Overflow Techniques in Computer Viruses by Chien and Szor
Defeating the Buffer Overflow Prevention Mechanism of Microsoft Windows 2003 Server by Litchfield
Bypassing StackGuard and StackShield by Bulba and Kil3r

Attacks on heaps, integers, format strings, memory allocators

w00w00 on Heap Overflows by Matt Conover and w00w00 Security Team
Basic Integer Overflows by blexim
Exploiting Format String Vulnerabilities by scut / team teso
Once Upon a free() by anonymous
How To Hijack the Global Offset Table by c0ntex

Defenses against buffer overflow attacks

Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade by Cowan et al.
PointGuard: Protecting Pointers from Buffer Overflow Vulnerabilities by Cowan et al.
Backwards-Compatible Bounds Checking for Arrays and Pointers in C Programs by Jones and Kelly
A Practical Dynamic Buffer Overflow Detector by Ruwase and Lam
TIED, LibsafePlus: Tools for Runtime Buffer Overflow Protection by Avijit, Gupta, and Gupta
High Coverage Detection of Input-Related Security Faults by Larson and Austin

Static techniques for memory safety

A First Step Towards Automatic Detection of Buffer Overrun Vulnerabilities by Wagner et al.
CCured: Type-Safe Retrofitting of Legacy Code by Necula, McPeak, and Weimer
Safe Kernel Extensions Without Run-Time Checking by Necula and Lee

Address space randomization

On the Effectiveness of Address-Space Randomization by Shacham et al.
ASLR by PaX
Address Obfuscation: an Efficient Approach to Combat a Broad Range of Memory Error Exploits and Efficient Techniques for Comprehensive Protection from Memory Error Exploits by Bhatkar, DuVarney, and Sekar
Transparent Runtime Randomization for Security by Xu, Kalbarczyk, and Iyer

Defenses against format string attacks

FormatGuard: Automatic Protection from printf Format String Vulnerabilities by Cowan et al.
Detecting Format String Vulnerabilities with Type Qualifiers by Shankar et al.
Preventing Format-String Attacks via Automatic and Efficient Dynamic Checking by Ringenburg and Grossman

Sandboxing and program shepherding

Secure Execution via Program Shepherding by Kiriansky, Bruening, and Amarasinghe
Control-Flow Integrity by Abadi et al.
XFI: Software Guards for System Address Spaces by Erlingsson et al.
A Note on the Confinement Problem by Lampson
Efficient Software-Based Fault Isolation by Wahbe et al.
SASI Enforcement of Security Policies: A Retrospective by Erlingsson and Schneider
A Flexible Containment Mechanism for Executing Untrusted Code by Peterson, Bishop, and Pandey
Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools by Garfinkel

Analysis and verification of software

Setuid Demystified by Chen, Wagner, and Dean
Model Checking One Million Lines of C Code by Chen, Dean, and Wagner
Using Programmer-Written Compiler Extensions to Catch Security Holes by Ashcraft and Engler
Finding User/Kernel Pointer Bugs With Type Inference by Johnson and Wagner
Automatic Discovery of API-Level Exploits by Ganapathy et al.

Detecting malicious behavior

Host-based

Intrusion Detection via Static Analysis by Wagner and Dean
Efficient Context-Sensitive Intrusion Detection by Giffin, Jha, and Miller
A Virtual Machine Introspection Based Architecture for Intrusion Detection by Garfinkel and Rosenblum
Anomaly Detection Using Call Stack Information by Feng et al.
Mimicry Attacks on Host-Based Intrusion Detection Systems by Wagner and Soto

Network-based

Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection by Ptacek and Newsham
Detecting Backdoors and Detecting Stepping Stones by Zhang and Paxson

Data and concurrency attacks

Non-Control-Data Attacks Are Realistic Threats by Chen et al.
Understanding Data Lifetime via Whole System Simulation by Chow et al.
Checking for Race Conditions in File Accesses by Bishop and Dilger
Dynamic Detection and Prevention of Race Conditions in File Accesses by Tsyrklevich and Yee
Fixing Races for Fun and Profit: How to abuse atime by Borisov et al.

Timing attacks

Timing Attacks on Implementations of Diffi-Hellman, RSA, DSS, and Other Systems by Kocher
Remote Timing Attacks Are Practical by Brumley and Boneh
Timing Analysis of Keystrokes and Timing Attacks on SSH by Song, Wagner, and Tian

Trusted computing

Experimenting with TCPA/TCG Hardware by Marchesini et al.
TCPA: The Mother(board) of All Big Brothers by Lucky Green
TCG Specification Architecture Overview
Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al.

Privacy and secure multi-party computation

Tutorials (by Goldreich)

Foundations of Cryptography
Zero-Knowledge
Secure Multi-Party Computation
See also A Proof of Yao's Protocol for Secure Two-Party Computation by Lindell and Pinkas

Database privacy

Security-Control Methods for Statistical Databases: A Comparative Study by Adam and Worthmann
Privacy-Preserving Data Mining by Agrawal and Srikant
On the Design and Quantification of Privacy Preserving Data Mining Algorithms by Agrawal and Aggarwal
Limiting Privacy Breaches in Privacy Preserving Data Mining by Evfimievski, Gehrke, and Srikant
Revealing Information While Preserving Privacy by Dinur and Nissim
Towards Privacy in Public Databases by Chawla et al.
Practical Privacy: The SuLQ Framework by Blum et al.
Auditing Boolean Attributes by Kleinberg, Papadimitriou, and Raghavan
Simulatable Auditing by Kenthapadi, Mishra, and Nissim
Privacy Preserving Data Mining by Lindell and Pinkas

Economics of privacy

Resources on the Economics of Privacy
Privacy and Rationality in Individual Decision Making by Acquisti and Grossklags
Privacy in Electronic Commerce and the Economics of Immediate Gratification by Acquisti
On the Economics of Anonymity by Acquisti, Dingledine, and Syverson

Voting security

Paper v. Electronic Voting Records - An Assessment by Shamos
Designing Voting Machines for Verification by Sastry, Kohno, and Wagner
Analysis of an Electronic Voting System by Kohno et al.
Security Analysis of the Diebold AccuVote-TS Voting Machine by Feldman, Halderman, and Felten
ACCURATE research center

Security logics and language-based security

Protocol Composition Logic (PCL) by Datta et al.
Language-Based Information-Flow Security by Sabelfeld and Myers